+++ /dev/null
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.authz.facade;\r
-\r
-import static org.onap.aaf.authz.layer.Result.ERR_ActionNotCompleted;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Backend;\r
-import static org.onap.aaf.authz.layer.Result.ERR_BadData;\r
-import static org.onap.aaf.authz.layer.Result.ERR_ConflictAlreadyExists;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Denied;\r
-import static org.onap.aaf.authz.layer.Result.ERR_NotFound;\r
-import static org.onap.aaf.authz.layer.Result.ERR_NotImplemented;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Policy;\r
-import static org.onap.aaf.authz.layer.Result.ERR_Security;\r
-import static org.onap.aaf.authz.layer.Result.OK;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_ChoiceNeeded;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_DelegateNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_DependencyExists;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_FutureNotRequested;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_InvalidDelegate;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_NsNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_PermissionNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_RoleNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_UserNotFound;\r
-import static org.onap.aaf.dao.aaf.cass.Status.ERR_UserRoleNotFound;\r
-\r
-import java.io.IOException;\r
-import java.lang.reflect.Method;\r
-import java.util.Date;\r
-\r
-import javax.servlet.http.HttpServletRequest;\r
-import javax.servlet.http.HttpServletResponse;\r
-\r
-import org.onap.aaf.authz.env.AuthzEnv;\r
-import org.onap.aaf.authz.env.AuthzTrans;\r
-import org.onap.aaf.authz.layer.FacadeImpl;\r
-import org.onap.aaf.authz.layer.Result;\r
-import org.onap.aaf.authz.service.AuthzCassServiceImpl;\r
-import org.onap.aaf.authz.service.AuthzService;\r
-import org.onap.aaf.authz.service.mapper.Mapper;\r
-import org.onap.aaf.authz.service.mapper.Mapper.API;\r
-import org.onap.aaf.cssa.rserv.RServlet;\r
-import org.onap.aaf.cssa.rserv.RouteReport;\r
-import org.onap.aaf.cssa.rserv.doc.ApiDoc;\r
-import org.onap.aaf.dao.aaf.cass.NsType;\r
-import org.onap.aaf.dao.aaf.cass.Status;\r
-import org.onap.aaf.dao.aaf.hl.Question;\r
-\r
-import org.onap.aaf.cadi.aaf.client.Examples;\r
-import org.onap.aaf.inno.env.APIException;\r
-import org.onap.aaf.inno.env.Data;\r
-import org.onap.aaf.inno.env.Data.TYPE;\r
-import org.onap.aaf.inno.env.Env;\r
-import org.onap.aaf.inno.env.TimeTaken;\r
-import org.onap.aaf.inno.env.util.Chrono;\r
-import org.onap.aaf.rosetta.Marshal;\r
-import org.onap.aaf.rosetta.env.RosettaDF;\r
-import org.onap.aaf.rosetta.env.RosettaData;\r
-\r
-import aaf.v2_0.Api;\r
-\r
-/**\r
- * AuthzFacade\r
- * \r
- * This Service Facade encapsulates the essence of the API Service can do, and provides\r
- * a single created object for elements such as RosettaDF.\r
- *\r
- * The Responsibilities of this class are to:\r
- * 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)\r
- * 2) Validate incoming data (if applicable)\r
- * 3) Convert the Service response into the right Format, and mark the Content Type\r
- * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.\r
- * 4) Log Service info, warnings and exceptions as necessary\r
- * 5) When asked by the API layer, this will create and write Error content to the OutputStream\r
- * \r
- * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be \r
- * clearly coordinated with the API Documentation\r
- * \r
- *\r
- */\r
-public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> extends FacadeImpl implements AuthzFacade \r
- {\r
- private static final String FORBIDDEN = "Forbidden";\r
- private static final String NOT_FOUND = "Not Found";\r
- private static final String NOT_ACCEPTABLE = "Not Acceptable";\r
- private static final String GENERAL_SERVICE_ERROR = "General Service Error";\r
- private static final String NO_DATA = "***No Data***";\r
- private AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service = null;\r
- private final RosettaDF<NSS> nssDF;\r
- private final RosettaDF<PERMS> permsDF;\r
- private final RosettaDF<ROLES> roleDF;\r
- private final RosettaDF<USERS> usersDF;\r
- private final RosettaDF<USERROLES> userrolesDF;\r
- private final RosettaDF<CERTS> certsDF;\r
- private final RosettaDF<DELGS> delgDF;\r
- private final RosettaDF<REQUEST> permRequestDF;\r
- private final RosettaDF<REQUEST> roleRequestDF;\r
- private final RosettaDF<REQUEST> userRoleRequestDF;\r
- private final RosettaDF<REQUEST> rolePermRequestDF;\r
- private final RosettaDF<REQUEST> nsRequestDF;\r
- private final RosettaDF<REQUEST> credRequestDF;\r
- private final RosettaDF<REQUEST> delgRequestDF;\r
- private final RosettaDF<HISTORY> historyDF;\r
- private final RosettaDF<KEYS> keysDF;\r
-\r
- private final RosettaDF<ERR> errDF;\r
- private final RosettaDF<APPROVALS> approvalDF;\r
- // Note: Api is not different per Version\r
- private final RosettaDF<Api> apiDF;\r
-\r
-\r
- @SuppressWarnings("unchecked")\r
- public AuthzFacadeImpl(AuthzEnv env, AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service, Data.TYPE dataType) throws APIException {\r
- this.service = service;\r
- (nssDF = env.newDataFactory(service.mapper().getClass(API.NSS))).in(dataType).out(dataType);\r
- (permRequestDF = env.newDataFactory(service.mapper().getClass(API.PERM_REQ))).in(dataType).out(dataType);\r
- (permsDF = env.newDataFactory(service.mapper().getClass(API.PERMS))).in(dataType).out(dataType);\r
-// (permKeyDF = env.newDataFactory(service.mapper().getClass(API.PERM_KEY))).in(dataType).out(dataType);\r
- (roleDF = env.newDataFactory(service.mapper().getClass(API.ROLES))).in(dataType).out(dataType);\r
- (roleRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_REQ))).in(dataType).out(dataType);\r
- (usersDF = env.newDataFactory(service.mapper().getClass(API.USERS))).in(dataType).out(dataType);\r
- (userrolesDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLES))).in(dataType).out(dataType);\r
- (certsDF = env.newDataFactory(service.mapper().getClass(API.CERTS))).in(dataType).out(dataType)\r
- .rootMarshal((Marshal<CERTS>) service.mapper().getMarshal(API.CERTS));\r
- ;\r
- (userRoleRequestDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLE_REQ))).in(dataType).out(dataType);\r
- (rolePermRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_PERM_REQ))).in(dataType).out(dataType);\r
- (nsRequestDF = env.newDataFactory(service.mapper().getClass(API.NS_REQ))).in(dataType).out(dataType);\r
- (credRequestDF = env.newDataFactory(service.mapper().getClass(API.CRED_REQ))).in(dataType).out(dataType);\r
- (delgRequestDF = env.newDataFactory(service.mapper().getClass(API.DELG_REQ))).in(dataType).out(dataType);\r
- (historyDF = env.newDataFactory(service.mapper().getClass(API.HISTORY))).in(dataType).out(dataType);\r
- ( keysDF = env.newDataFactory(service.mapper().getClass(API.KEYS))).in(dataType).out(dataType);\r
- (delgDF = env.newDataFactory(service.mapper().getClass(API.DELGS))).in(dataType).out(dataType);\r
- (approvalDF = env.newDataFactory(service.mapper().getClass(API.APPROVALS))).in(dataType).out(dataType);\r
- (errDF = env.newDataFactory(service.mapper().getClass(API.ERROR))).in(dataType).out(dataType);\r
- (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType);\r
- }\r
- \r
- public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper() {\r
- return service.mapper();\r
- }\r
- \r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#error(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, int)\r
- * \r
- * Note: Conforms to AT&T TSS RESTful Error Structure\r
- */\r
- @Override\r
- public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {\r
- String msg = result.details==null?"%s":"%s - " + result.details.trim();\r
- String msgId;\r
- String[] detail;\r
- if(result.variables==null) {\r
- detail = new String[1];\r
- } else {\r
- int l = result.variables.length;\r
- detail=new String[l+1];\r
- System.arraycopy(result.variables, 0, detail, 1, l);\r
- }\r
- //int httpstatus;\r
- \r
- switch(result.status) {\r
- case ERR_ActionNotCompleted:\r
- msgId = "SVC1202";\r
- detail[0] = "Accepted, Action not complete";\r
- response.setStatus(/*httpstatus=*/202);\r
- break;\r
-\r
- case ERR_Policy:\r
- msgId = "SVC3403";\r
- detail[0] = FORBIDDEN;\r
- response.setStatus(/*httpstatus=*/403);\r
- break;\r
- case ERR_Security:\r
- msgId = "SVC2403";\r
- detail[0] = FORBIDDEN;\r
- response.setStatus(/*httpstatus=*/403);\r
- break;\r
- case ERR_Denied:\r
- msgId = "SVC1403";\r
- detail[0] = FORBIDDEN;\r
- response.setStatus(/*httpstatus=*/403);\r
- break;\r
- // This is still forbidden to directly impact, but can be Requested when passed\r
- // with "request=true" query Param\r
- case ERR_FutureNotRequested:\r
- msgId = "SVC2403";\r
- detail[0] = msg;\r
- response.setStatus(/*httpstatus=*/403);\r
- break;\r
- \r
- case ERR_NsNotFound:\r
- msgId = "SVC2404";\r
- detail[0] = NOT_FOUND;\r
- response.setStatus(/*httpstatus=*/404);\r
- break;\r
- case ERR_RoleNotFound:\r
- msgId = "SVC3404";\r
- detail[0] = NOT_FOUND;\r
- response.setStatus(/*httpstatus=*/404);\r
- break;\r
- case ERR_PermissionNotFound:\r
- msgId = "SVC4404";\r
- detail[0] = NOT_FOUND;\r
- response.setStatus(/*httpstatus=*/404);\r
- break;\r
- case ERR_UserNotFound:\r
- msgId = "SVC5404";\r
- detail[0] = NOT_FOUND;\r
- response.setStatus(/*httpstatus=*/404);\r
- break;\r
- case ERR_UserRoleNotFound:\r
- msgId = "SVC6404";\r
- detail[0] = NOT_FOUND;\r
- response.setStatus(/*httpstatus=*/404);\r
- break;\r
- case ERR_DelegateNotFound:\r
- msgId = "SVC7404";\r
- detail[0] = NOT_FOUND;\r
- response.setStatus(/*httpstatus=*/404);\r
- break;\r
- case ERR_NotFound:\r
- msgId = "SVC1404";\r
- detail[0] = NOT_FOUND;\r
- response.setStatus(/*httpstatus=*/404);\r
- break;\r
-\r
- case ERR_InvalidDelegate:\r
- msgId="SVC2406";\r
- detail[0] = NOT_ACCEPTABLE;\r
- response.setStatus(/*httpstatus=*/406);\r
- break;\r
- case ERR_BadData:\r
- msgId="SVC1406";\r
- detail[0] = NOT_ACCEPTABLE;\r
- response.setStatus(/*httpstatus=*/406);\r
- break;\r
- \r
- case ERR_ConflictAlreadyExists:\r
- msgId = "SVC1409";\r
- detail[0] = "Conflict Already Exists";\r
- response.setStatus(/*httpstatus=*/409);\r
- break;\r
- \r
- case ERR_DependencyExists:\r
- msgId = "SVC1424";\r
- detail[0] = "Failed Dependency";\r
- response.setStatus(/*httpstatus=*/424);\r
- break;\r
- \r
- case ERR_NotImplemented:\r
- msgId = "SVC1501";\r
- detail[0] = "Not Implemented"; \r
- response.setStatus(/*httpstatus=*/501);\r
- break;\r
- \r
- case Status.ACC_Future:\r
- msgId = "SVC1202";\r
- detail[0] = "Accepted for Future, pending Approvals";\r
- response.setStatus(/*httpstatus=*/202);\r
- break;\r
- case ERR_ChoiceNeeded:\r
- msgId = "SVC1300";\r
- detail = result.variables;\r
- response.setStatus(/*httpstatus=*/300);\r
- break;\r
- case ERR_Backend: \r
- msgId = "SVC2500";\r
- detail[0] = GENERAL_SERVICE_ERROR;\r
- response.setStatus(/*httpstatus=*/500);\r
- break;\r
-\r
- default: \r
- msgId = "SVC1500";\r
- detail[0] = GENERAL_SERVICE_ERROR;\r
- response.setStatus(/*httpstatus=*/500);\r
- break;\r
- }\r
-\r
- try {\r
- StringBuilder holder = new StringBuilder();\r
- errDF.newData(trans).load(\r
- service.mapper()\r
- .errorFromMessage(holder,msgId,msg,detail))\r
- .to(response.getOutputStream());\r
- trans.checkpoint(\r
- holder.toString(),\r
-// String.format("ErrResp [" + msgId + "] " + msg,(Object[])detail),\r
- Env.ALWAYS);\r
- } catch (Exception e) {\r
- trans.error().log(e,"unable to send response for",msg);\r
- }\r
- }\r
- \r
- ///////////////////////////\r
- // Namespace\r
- ///////////////////////////\r
- public static final String CREATE_NS = "createNamespace";\r
- public static final String ADD_NS_ADMIN = "addNamespaceAdmin";\r
- public static final String DELETE_NS_ADMIN = "delNamespaceAdmin";\r
- public static final String ADD_NS_RESPONSIBLE = "addNamespaceResponsible";\r
- public static final String DELETE_NS_RESPONSIBLE = "delNamespaceResponsible";\r
- public static final String GET_NS_BY_NAME = "getNamespaceByName";\r
- public static final String GET_NS_BY_ADMIN = "getNamespaceByAdmin";\r
- public static final String GET_NS_BY_RESPONSIBLE = "getNamespaceByResponsible";\r
- public static final String GET_NS_BY_EITHER = "getNamespaceByEither";\r
- public static final String GET_NS_CHILDREN = "getNamespaceChildren";\r
- public static final String UPDATE_NS_DESC = "updateNamespaceDescription";\r
- public static final String DELETE_NS = "deleteNamespace";\r
- \r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#createNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
- */\r
- @Override\r
- public Result<Void> requestNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, NsType type) {\r
- TimeTaken tt = trans.start(CREATE_NS, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST request;\r
- try {\r
- Data<REQUEST> rd = nsRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,rd.asString());\r
- }\r
- request = rd.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,CREATE_NS);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
- \r
- Result<Void> rp = service.createNS(trans,request,type);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,nsRequestDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,CREATE_NS);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> addAdminToNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
- TimeTaken tt = trans.start(ADD_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.addAdminNS(trans,ns,id);\r
- switch(rp.status) {\r
- case OK: \r
- //TODO Perms??\r
- setContentType(resp,nsRequestDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,ADD_NS_ADMIN);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> delAdminFromNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
- TimeTaken tt = trans.start(DELETE_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.delAdminNS(trans, ns, id);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,nsRequestDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_NS_ADMIN);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> addResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
- TimeTaken tt = trans.start(ADD_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.addResponsibleNS(trans,ns,id);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,nsRequestDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,ADD_NS_RESPONSIBLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> delResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {\r
- TimeTaken tt = trans.start(DELETE_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.delResponsibleNS(trans, ns, id);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,nsRequestDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_NS_RESPONSIBLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByName(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getNSsByName(AuthzTrans trans, HttpServletResponse resp, String ns) {\r
- TimeTaken tt = trans.start(GET_NS_BY_NAME + ' ' + ns, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<NSS> rp = service.getNSbyName(trans, ns);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,nssDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_NS_BY_NAME);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
-// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByAdmin(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getNSsByAdmin(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
- TimeTaken tt = trans.start(GET_NS_BY_ADMIN + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<NSS> rp = service.getNSbyAdmin(trans, user, full);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,nssDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_NS_BY_ADMIN);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
-// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getNSsByResponsible(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
- TimeTaken tt = trans.start(GET_NS_BY_RESPONSIBLE + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<NSS> rp = service.getNSbyResponsible(trans, user, full);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
-\r
- setContentType(resp,nssDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_NS_BY_RESPONSIBLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getNSsByEither(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){\r
- TimeTaken tt = trans.start(GET_NS_BY_EITHER + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<NSS> rp = service.getNSbyEither(trans, user, full);\r
- \r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
-\r
- setContentType(resp,nssDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_NS_BY_EITHER);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getNSsChildren(AuthzTrans trans, HttpServletResponse resp, String parent){\r
- TimeTaken tt = trans.start(GET_NS_CHILDREN + ' ' + parent, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<NSS> rp = service.getNSsChildren(trans, parent);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,nssDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_NS_CHILDREN);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> updateNsDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(UPDATE_NS_DESC, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = nsRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,UPDATE_NS_DESC);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
- }\r
- Result<Void> rp = service.updateNsDescription(trans, rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,nsRequestDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,UPDATE_NS_DESC);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- /*\r
- * (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#requestNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
- */\r
- @Override\r
- public Result<Void> deleteNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String ns) {\r
- TimeTaken tt = trans.start(DELETE_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.deleteNS(trans,ns);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,nsRequestDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_NS);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- private final static String NS_CREATE_ATTRIB = "nsCreateAttrib";\r
- private final static String NS_UPDATE_ATTRIB = "nsUpdateAttrib";\r
- private final static String READ_NS_BY_ATTRIB = "readNsByAttrib";\r
- private final static String NS_DELETE_ATTRIB = "nsDeleteAttrib";\r
- \r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#createAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> createAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {\r
- TimeTaken tt = trans.start(NS_CREATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<?> rp = service.createNsAttrib(trans,ns,key,value);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp, keysDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,NS_CREATE_ATTRIB);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#readAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> readNsByAttrib(AuthzTrans trans, HttpServletResponse resp, String key) {\r
- TimeTaken tt = trans.start(READ_NS_BY_ATTRIB + ' ' + key, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<KEYS> rp = service.readNsByAttrib(trans, key);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<KEYS> data = keysDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,keysDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,READ_NS_BY_ATTRIB);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#updAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> updAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {\r
- TimeTaken tt = trans.start(NS_UPDATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<?> rp = service.updateNsAttrib(trans,ns,key,value);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp, keysDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,NS_UPDATE_ATTRIB);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
-\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#delAttribForNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> delAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key) {\r
- TimeTaken tt = trans.start(NS_DELETE_ATTRIB + ' ' + ns + ':'+key, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<?> rp = service.deleteNsAttrib(trans,ns,key);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp, keysDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,NS_DELETE_ATTRIB);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
-//\r
-// PERMISSION\r
-//\r
- public static final String CREATE_PERMISSION = "createPermission";\r
- public static final String GET_PERMS_BY_TYPE = "getPermsByType";\r
- public static final String GET_PERMS_BY_NAME = "getPermsByName";\r
- public static final String GET_PERMISSIONS_BY_USER = "getPermissionsByUser";\r
- public static final String GET_PERMISSIONS_BY_USER_WITH_QUERY = "getPermissionsByUserWithQuery";\r
- public static final String GET_PERMISSIONS_BY_ROLE = "getPermissionsByRole";\r
- public static final String GET_PERMISSIONS_BY_NS = "getPermissionsByNS";\r
- public static final String UPDATE_PERMISSION = "updatePermission";\r
- public static final String UPDATE_PERM_DESC = "updatePermissionDescription";\r
- public static final String SET_PERMISSION_ROLES_TO = "setPermissionRolesTo";\r
- public static final String DELETE_PERMISSION = "deletePermission";\r
- \r
- /*\r
- * (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> createPerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start( CREATE_PERMISSION, Env.SUB|Env.ALWAYS); \r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject(); \r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,CREATE_PERMISSION);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
- \r
- Result<Void> rp = service.createPerm(trans,rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,CREATE_PERMISSION);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getChildPerms(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getPermsByType(AuthzTrans trans, HttpServletResponse resp, String perm) {\r
- TimeTaken tt = trans.start(GET_PERMS_BY_TYPE + ' ' + perm, Env.SUB|Env.ALWAYS);\r
- try {\r
- \r
- Result<PERMS> rp = service.getPermsByType(trans, perm);\r
- switch(rp.status) {\r
- case OK:\r
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_PERMS_BY_TYPE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> getPermsByName(AuthzTrans trans, HttpServletResponse resp, \r
- String type, String instance, String action) {\r
- \r
- TimeTaken tt = trans.start(GET_PERMS_BY_NAME + ' ' + type\r
- + '|' + instance + '|' + action, Env.SUB|Env.ALWAYS);\r
- try {\r
- \r
- Result<PERMS> rp = service.getPermsByName(trans, type, instance, action);\r
- switch(rp.status) {\r
- case OK:\r
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_PERMS_BY_TYPE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getPermsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<PERMS> rp = service.getPermsByUser(trans, user);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_PERMISSIONS_BY_USER, user);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getPermsByUserWithAAFQuery(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String user) {\r
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER_WITH_QUERY + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- PERMS perms;\r
- try {\r
- RosettaData<PERMS> data = permsDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- perms = data.asObject(); \r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,CREATE_PERMISSION);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
-\r
- Result<PERMS> rp = service.getPermsByUser(trans, perms, user);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_PERMISSIONS_BY_USER_WITH_QUERY , user);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getPermissionsForRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getPermsForRole(AuthzTrans trans, HttpServletResponse resp, String roleName) {\r
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_ROLE + ' ' + roleName, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<PERMS> rp = service.getPermsByRole(trans, roleName);\r
- switch(rp.status) {\r
- case OK:\r
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_PERMISSIONS_BY_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> getPermsByNS(AuthzTrans trans,HttpServletResponse resp,String ns) {\r
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<PERMS> rp = service.getPermsByNS(trans, ns);\r
- switch(rp.status) {\r
- case OK:\r
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_PERMISSIONS_BY_NS);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /*\r
- * (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> renamePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp,\r
- String origType, String origInstance, String origAction) {\r
- String cmdDescription = UPDATE_PERMISSION;\r
- TimeTaken tt = trans.start( cmdDescription + ' ' + origType + ' ' + origInstance + ' ' + origAction, Env.SUB|Env.ALWAYS); \r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject(); \r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,cmdDescription);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
- \r
- Result<Void> rp = service.renamePerm(trans,rreq, origType, origInstance, origAction);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,cmdDescription);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> updatePermDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(UPDATE_PERM_DESC, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,UPDATE_PERM_DESC);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
- }\r
- Result<Void> rp = service.updatePermDescription(trans, rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permRequestDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,UPDATE_PERM_DESC);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- \r
- @Override\r
- public Result<Void> resetPermRoles(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(SET_PERMISSION_ROLES_TO, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN, SET_PERMISSION_ROLES_TO);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
- \r
- Result<Void> rp = service.resetPermRoles(trans, rreq);\r
- \r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,SET_PERMISSION_ROLES_TO);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> deletePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(DELETE_PERMISSION, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,DELETE_PERMISSION);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
- }\r
-\r
- Result<Void> rp = service.deletePerm(trans,rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_PERMISSION);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> deletePerm(AuthzTrans trans, HttpServletResponse resp, String type, String instance, String action) {\r
- TimeTaken tt = trans.start(DELETE_PERMISSION + type + ' ' + instance + ' ' + action, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.deletePerm(trans,type,instance,action);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_PERMISSION);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- public static final String CREATE_ROLE = "createRole";\r
- public static final String GET_ROLES_BY_USER = "getRolesByUser";\r
- public static final String GET_ROLES_BY_NS = "getRolesByNS";\r
- public static final String GET_ROLES_BY_NAME_ONLY = "getRolesByNameOnly";\r
- public static final String GET_ROLES_BY_NAME = "getRolesByName";\r
- public static final String GET_ROLES_BY_PERM = "getRolesByPerm";\r
- public static final String UPDATE_ROLE_DESC = "updateRoleDescription"; \r
- public static final String ADD_PERM_TO_ROLE = "addPermissionToRole";\r
- public static final String DELETE_PERM_FROM_ROLE = "deletePermissionFromRole";\r
- public static final String UPDATE_MGTPERM_ROLE = "updateMgtPermRole";\r
- public static final String DELETE_ROLE = "deleteRole";\r
- public static final String GET_CERT_BY_ID = "getCertByID";\r
-\r
- @Override\r
- public Result<Void> createRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(CREATE_ROLE, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,CREATE_ROLE);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
- }\r
- Result<Void> rp = service.createRole(trans, rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,roleRequestDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,CREATE_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByName(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getRolesByName(AuthzTrans trans, HttpServletResponse resp, String role) {\r
- TimeTaken tt = trans.start(GET_ROLES_BY_NAME + ' ' + role, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<ROLES> rp = service.getRolesByName(trans, role);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,roleDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_ROLES_BY_NAME);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getRolesByUser(AuthzTrans trans,HttpServletResponse resp, String user) {\r
- TimeTaken tt = trans.start(GET_ROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<ROLES> rp = service.getRolesByUser(trans, user);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,roleDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_ROLES_BY_USER, user);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getRolesByNS(AuthzTrans trans,HttpServletResponse resp, String ns) {\r
- TimeTaken tt = trans.start(GET_ROLES_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<ROLES> rp = service.getRolesByNS(trans, ns);\r
- switch(rp.status) {\r
- case OK: \r
- if(!rp.isEmpty()) {\r
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- } else {\r
- Question.logEncryptTrace(trans, NO_DATA);\r
- }\r
- setContentType(resp,roleDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_ROLES_BY_NS);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByNameOnly(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getRolesByNameOnly(AuthzTrans trans,HttpServletResponse resp, String nameOnly) {\r
- TimeTaken tt = trans.start(GET_ROLES_BY_NAME_ONLY + ' ' + nameOnly, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<ROLES> rp = service.getRolesByNameOnly(trans, nameOnly);\r
- switch(rp.status) {\r
- case OK: \r
- if(!rp.isEmpty()) {\r
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- } else {\r
- Question.logEncryptTrace(trans, NO_DATA);\r
- }\r
- setContentType(resp,roleDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_ROLES_BY_NAME_ONLY);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getRolesByPerm(AuthzTrans trans,HttpServletResponse resp, String type, String instance, String action) {\r
- TimeTaken tt = trans.start(GET_ROLES_BY_PERM + type +' '+instance+' '+action, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<ROLES> rp = service.getRolesByPerm(trans, type,instance,action);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,roleDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_ROLES_BY_PERM);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /*\r
- * (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#updateDescription(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
- */\r
- @Override\r
- public Result<Void> updateRoleDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(UPDATE_ROLE_DESC, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,UPDATE_ROLE_DESC);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
- }\r
- Result<Void> rp = service.updateRoleDescription(trans, rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,roleRequestDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return rp;\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,UPDATE_ROLE_DESC);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> addPermToRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(ADD_PERM_TO_ROLE, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,ADD_PERM_TO_ROLE);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
- }\r
- Result<Void> rp = service.addPermToRole(trans, rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,ADD_PERM_TO_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> delPermFromRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(DELETE_PERM_FROM_ROLE, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,DELETE_PERM_FROM_ROLE);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
-\r
- }\r
- Result<Void> rp = service.delPermFromRole(trans, rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- resp.getOutputStream().println();\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_PERM_FROM_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> deleteRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
- TimeTaken tt = trans.start(DELETE_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.deleteRole(trans, role);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> deleteRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(DELETE_ROLE, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN,CREATE_ROLE);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
-\r
- Result<Void> rp = service.deleteRole(trans, rreq);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- public static final String CREATE_CRED = "createUserCred";\r
- private static final String GET_CREDS_BY_NS = "getCredsByNS";\r
- private static final String GET_CREDS_BY_ID = "getCredsByID";\r
- public static final String UPDATE_CRED = "updateUserCred";\r
- public static final String EXTEND_CRED = "extendUserCred";\r
- public static final String DELETE_CRED = "deleteUserCred";\r
- public static final String DOES_CRED_MATCH = "doesCredMatch";\r
- public static final String VALIDATE_BASIC_AUTH = "validateBasicAuth";\r
-\r
-\r
-\r
- @Override\r
- /**\r
- * Create Credential\r
- * \r
- */\r
- public Result<Void> createUserCred(AuthzTrans trans, HttpServletRequest req) {\r
- TimeTaken tt = trans.start(CREATE_CRED, Env.SUB|Env.ALWAYS);\r
- try {\r
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- return service.createUserCred(trans, data.asObject());\r
- } catch(APIException e) {\r
- trans.error().log(e,"Bad Input data");\r
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,CREATE_CRED);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> changeUserCred(AuthzTrans trans, HttpServletRequest req) {\r
- TimeTaken tt = trans.start(UPDATE_CRED, Env.SUB|Env.ALWAYS);\r
- try {\r
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- return service.changeUserCred(trans, data.asObject());\r
- } catch(APIException e) {\r
- trans.error().log(e,"Bad Input data");\r
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,UPDATE_CRED);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#extendUserCred(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, int)\r
- */\r
- @Override\r
- public Result<Void> extendUserCred(AuthzTrans trans, HttpServletRequest req, String days) {\r
- TimeTaken tt = trans.start(EXTEND_CRED, Env.SUB|Env.ALWAYS);\r
- try {\r
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- return service.extendUserCred(trans, data.asObject(), days);\r
- } catch(APIException e) {\r
- trans.error().log(e,"Bad Input data");\r
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,EXTEND_CRED);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> getCredsByNS(AuthzTrans trans, HttpServletResponse resp, String ns) {\r
- TimeTaken tt = trans.start(GET_CREDS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);\r
- \r
- try {\r
- Result<USERS> ru = service.getCredsByNS(trans,ns);\r
- switch(ru.status) {\r
- case OK: \r
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
- if(Question.willSpecialLog(trans,trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,usersDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(ru);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_CREDS_BY_NS);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- \r
- }\r
- \r
- \r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getCredsByID(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getCredsByID(AuthzTrans trans, HttpServletResponse resp, String id) {\r
- TimeTaken tt = trans.start(GET_CREDS_BY_ID + ' ' + id, Env.SUB|Env.ALWAYS);\r
- \r
- try {\r
- Result<USERS> ru = service.getCredsByID(trans,id);\r
- switch(ru.status) {\r
- case OK: \r
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,usersDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(ru);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_CREDS_BY_ID);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- \r
- }\r
-\r
- @Override\r
- public Result<Void> deleteUserCred(AuthzTrans trans, HttpServletRequest req) {\r
- TimeTaken tt = trans.start(DELETE_CRED, Env.SUB|Env.ALWAYS);\r
- try {\r
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- return service.deleteUserCred(trans, data.asObject());\r
- } catch(APIException e) {\r
- trans.error().log(e,"Bad Input data");\r
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_CRED);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- } \r
- }\r
- \r
- \r
- @Override\r
- public Result<Date> doesCredentialMatch(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(DOES_CRED_MATCH, Env.SUB|Env.ALWAYS);\r
- try {\r
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- return service.doesCredentialMatch(trans, data.asObject());\r
- } catch(APIException e) {\r
- trans.error().log(e,"Bad Input data");\r
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());\r
- } catch (IOException e) {\r
- trans.error().log(e,IN,DOES_CRED_MATCH);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- } \r
- }\r
-\r
-\r
- @Override\r
- public Result<Void> validBasicAuth(AuthzTrans trans, HttpServletResponse resp, String basicAuth) {\r
- TimeTaken tt = trans.start(VALIDATE_BASIC_AUTH, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Date> result = service.validateBasicAuth(trans,basicAuth);\r
- switch(result.status){\r
- case OK:\r
- resp.getOutputStream().write(Chrono.utcStamp(result.value).getBytes());\r
- return Result.ok();\r
- }\r
- return Result.err(result);\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,VALIDATE_BASIC_AUTH);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getCertInfoByID(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id) {\r
- TimeTaken tt = trans.start(GET_CERT_BY_ID, Env.SUB|Env.ALWAYS);\r
- try { \r
- Result<CERTS> rci = service.getCertInfoByID(trans,req,id);\r
- \r
- switch(rci.status) {\r
- case OK: \r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- RosettaData<CERTS> data = certsDF.newData(trans).load(rci.value);\r
- Question.logEncryptTrace(trans,data.asString());\r
- data.to(resp.getOutputStream());\r
- } else {\r
- certsDF.direct(trans, rci.value, resp.getOutputStream());\r
- }\r
- setContentType(resp,certsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rci);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_CERT_BY_ID);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- public static final String CREATE_DELEGATE = "createDelegate";\r
- public static final String UPDATE_DELEGATE = "updateDelegate";\r
- public static final String DELETE_DELEGATE = "deleteDelegate";\r
- public static final String GET_DELEGATE_USER = "getDelegatesByUser";\r
- public static final String GET_DELEGATE_DELG = "getDelegatesByDelegate";\r
- \r
- @Override\r
- public Result<Void> createDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(CREATE_DELEGATE, Env.SUB|Env.ALWAYS);\r
- try { \r
- Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- return service.createDelegate(trans, data.asObject());\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,CREATE_DELEGATE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> updateDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(UPDATE_DELEGATE, Env.SUB|Env.ALWAYS);\r
- try { \r
- Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- return service.updateDelegate(trans, data.asObject());\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,UPDATE_DELEGATE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> deleteDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(DELETE_DELEGATE, Env.SUB|Env.ALWAYS);\r
- try {\r
- Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- return service.deleteDelegate(trans, data.asObject());\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_DELEGATE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {\r
- TimeTaken tt = trans.start(DELETE_DELEGATE + ' ' + userName, Env.SUB|Env.ALWAYS);\r
- try {\r
- return service.deleteDelegate(trans, userName);\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_DELEGATE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> getDelegatesByUser(AuthzTrans trans, String user, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(GET_DELEGATE_USER, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<DELGS> rd = service.getDelegatesByUser(trans, user);\r
- \r
- switch(rd.status) {\r
- case OK: \r
- RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,delgDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rd);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_DELEGATE_USER);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> getDelegatesByDelegate(AuthzTrans trans, String delegate, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(GET_DELEGATE_DELG, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<DELGS> rd = service.getDelegatesByDelegate(trans, delegate);\r
- switch(rd.status) {\r
- case OK: \r
- RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,delgDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rd);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_DELEGATE_DELG);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- private static final String REQUEST_USER_ROLE = "createUserRole";\r
- private static final String GET_USERROLES = "getUserRoles";\r
- private static final String GET_USERROLES_BY_ROLE = "getUserRolesByRole";\r
- private static final String GET_USERROLES_BY_USER = "getUserRolesByUser";\r
- private static final String SET_ROLES_FOR_USER = "setRolesForUser";\r
- private static final String SET_USERS_FOR_ROLE = "setUsersForRole";\r
- private static final String EXTEND_USER_ROLE = "extendUserRole";\r
- private static final String DELETE_USER_ROLE = "deleteUserRole";\r
- @Override\r
- public Result<Void> requestUserRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(REQUEST_USER_ROLE, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST request;\r
- try {\r
- Data<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- request = data.asObject();\r
- } catch(APIException e) {\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
- \r
- Result<Void> rp = service.createUserRole(trans,request);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,REQUEST_USER_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> getUserInRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
- TimeTaken tt = trans.start(GET_USERROLES + ' ' + user + '|' + role, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<USERS> ru = service.getUserInRole(trans,user,role);\r
- switch(ru.status) {\r
- case OK: \r
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,usersDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(ru);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_USERROLES);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
-\r
- }\r
-\r
- @Override\r
- public Result<Void> getUserRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
- TimeTaken tt = trans.start(GET_USERROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<USERROLES> ru = service.getUserRolesByUser(trans,user);\r
- switch(ru.status) {\r
- case OK: \r
- RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,usersDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(ru);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_USERROLES_BY_USER);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
-\r
- }\r
- \r
- @Override\r
- public Result<Void> getUserRolesByRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
- TimeTaken tt = trans.start(GET_USERROLES_BY_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<USERROLES> ru = service.getUserRolesByRole(trans,role);\r
- switch(ru.status) {\r
- case OK: \r
- RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,usersDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(ru);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_USERROLES_BY_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
-\r
- }\r
- \r
-\r
- @Override\r
- public Result<Void> resetUsersForRole(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {\r
- TimeTaken tt = trans.start(SET_USERS_FOR_ROLE, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN, SET_USERS_FOR_ROLE);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
- \r
- Result<Void> rp = service.resetUsersForRole(trans, rreq);\r
- \r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,SET_USERS_FOR_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- \r
- }\r
-\r
- @Override\r
- public Result<Void> resetRolesForUser(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {\r
- TimeTaken tt = trans.start(SET_ROLES_FOR_USER, Env.SUB|Env.ALWAYS);\r
- try {\r
- REQUEST rreq;\r
- try {\r
- RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- rreq = data.asObject();\r
- } catch(APIException e) {\r
- trans.error().log("Invalid Input",IN, SET_ROLES_FOR_USER);\r
- return Result.err(Status.ERR_BadData,"Invalid Input");\r
- }\r
- \r
- Result<Void> rp = service.resetRolesForUser(trans, rreq);\r
- \r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,SET_ROLES_FOR_USER);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- \r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#extendUserRoleExpiration(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> extendUserRoleExpiration(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
- TimeTaken tt = trans.start(EXTEND_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);\r
- try {\r
- return service.extendUserRole(trans,user,role);\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,EXTEND_USER_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> deleteUserRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {\r
- TimeTaken tt = trans.start(DELETE_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<Void> rp = service.deleteUserRole(trans,user,role);\r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,DELETE_USER_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- private static final String UPDATE_APPROVAL = "updateApproval";\r
- private static final String GET_APPROVALS_BY_USER = "getApprovalsByUser.";\r
- private static final String GET_APPROVALS_BY_TICKET = "getApprovalsByTicket.";\r
- private static final String GET_APPROVALS_BY_APPROVER = "getApprovalsByApprover.";\r
- \r
- @Override\r
- public Result<Void> updateApproval(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {\r
- TimeTaken tt = trans.start(UPDATE_APPROVAL, Env.SUB|Env.ALWAYS);\r
- try {\r
- Data<APPROVALS> data = approvalDF.newData().load(req.getInputStream());\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- Result<Void> rp = service.updateApproval(trans, data.asObject());\r
- \r
- switch(rp.status) {\r
- case OK: \r
- setContentType(resp,approvalDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,UPDATE_APPROVAL);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
- @Override\r
- public Result<Void> getApprovalsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {\r
- TimeTaken tt = trans.start(GET_APPROVALS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<APPROVALS> rp = service.getApprovalsByUser(trans, user);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
- data.to(resp.getOutputStream());\r
- \r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_APPROVALS_BY_USER, user);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> getApprovalsByApprover(AuthzTrans trans, HttpServletResponse resp, String approver) {\r
- TimeTaken tt = trans.start(GET_APPROVALS_BY_APPROVER + ' ' + approver, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<APPROVALS> rp = service.getApprovalsByApprover(trans, approver);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_APPROVALS_BY_APPROVER,approver);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- @Override\r
- public Result<Void> getApprovalsByTicket(AuthzTrans trans, HttpServletResponse resp, String ticket) {\r
- TimeTaken tt = trans.start(GET_APPROVALS_BY_TICKET, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<APPROVALS> rp = service.getApprovalsByTicket(trans, ticket);\r
- switch(rp.status) {\r
- case OK: \r
- RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,permsDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rp);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_APPROVALS_BY_TICKET);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
-\r
- \r
- public static final String GET_USERS_PERMISSION = "getUsersByPermission";\r
- public static final String GET_USERS_ROLE = "getUsersByRole";\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getUsersByRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getUsersByRole(AuthzTrans trans, HttpServletResponse resp, String role) {\r
- TimeTaken tt = trans.start(GET_USERS_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<USERS> ru = service.getUsersByRole(trans,role);\r
- switch(ru.status) {\r
- case OK: \r
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,usersDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(ru);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_USERS_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getUsersByPermission(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getUsersByPermission(AuthzTrans trans, HttpServletResponse resp, \r
- String type, String instance, String action) {\r
- TimeTaken tt = trans.start(GET_USERS_PERMISSION + ' ' + type + ' ' + instance + ' ' +action, Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<USERS> ru = service.getUsersByPermission(trans,type,instance,action);\r
- switch(ru.status) {\r
- case OK: \r
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,usersDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(ru);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_USERS_PERMISSION);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- \r
- public static final String GET_HISTORY_USER = "getHistoryByUser";\r
- public static final String GET_HISTORY_ROLE = "getHistoryByRole";\r
- public static final String GET_HISTORY_PERM = "getHistoryByPerm";\r
- public static final String GET_HISTORY_NS = "getHistoryByNS";\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByUser(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)\r
- */\r
- @Override\r
- public Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort) {\r
- StringBuilder sb = new StringBuilder();\r
- sb.append(GET_HISTORY_USER);\r
- sb.append(' ');\r
- sb.append(user);\r
- sb.append(" for ");\r
- boolean first = true;\r
- for(int i : yyyymm) {\r
- if(first) {\r
- first = false;\r
- } else {\r
- sb.append(',');\r
- }\r
- sb.append(i);\r
- }\r
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
-\r
- try {\r
- Result<HISTORY> rh = service.getHistoryByUser(trans,user,yyyymm,sort);\r
- switch(rh.status) {\r
- case OK: \r
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,historyDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rh);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_HISTORY_USER);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByRole(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
- */\r
- @Override\r
- public Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String role, int[] yyyymm, final int sort) {\r
- StringBuilder sb = new StringBuilder();\r
- sb.append(GET_HISTORY_ROLE);\r
- sb.append(' ');\r
- sb.append(role);\r
- sb.append(" for ");\r
- boolean first = true;\r
- for(int i : yyyymm) {\r
- if(first) {\r
- first = false;\r
- } else {\r
- sb.append(',');\r
- }\r
- sb.append(i);\r
- }\r
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<HISTORY> rh = service.getHistoryByRole(trans,role,yyyymm,sort);\r
- switch(rh.status) {\r
- case OK: \r
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,historyDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rh);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_HISTORY_ROLE);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByNS(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
- */\r
- @Override\r
- public Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String ns, int[] yyyymm, final int sort) {\r
- StringBuilder sb = new StringBuilder();\r
- sb.append(GET_HISTORY_NS);\r
- sb.append(' ');\r
- sb.append(ns);\r
- sb.append(" for ");\r
- boolean first = true;\r
- for(int i : yyyymm) {\r
- if(first) {\r
- first = false;\r
- } else {\r
- sb.append(',');\r
- }\r
- sb.append(i);\r
- }\r
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<HISTORY> rh = service.getHistoryByNS(trans,ns,yyyymm,sort);\r
- switch(rh.status) {\r
- case OK: \r
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,historyDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rh);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_HISTORY_NS);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getHistoryByPerm(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])\r
- */\r
- @Override\r
- public Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String perm, int[] yyyymm, final int sort) {\r
- StringBuilder sb = new StringBuilder();\r
- sb.append(GET_HISTORY_PERM);\r
- sb.append(' ');\r
- sb.append(perm);\r
- sb.append(" for ");\r
- boolean first = true;\r
- for(int i : yyyymm) {\r
- if(first) {\r
- first = false;\r
- } else {\r
- sb.append(',');\r
- }\r
- sb.append(i);\r
- }\r
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);\r
- try {\r
- Result<HISTORY> rh = service.getHistoryByPerm(trans,perm,yyyymm,sort);\r
- switch(rh.status) {\r
- case OK: \r
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,historyDF.getOutType());\r
- return Result.ok();\r
- default:\r
- return Result.err(rh);\r
- }\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,GET_HISTORY_PERM);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- public final static String CACHE_CLEAR = "cacheClear "; \r
-// public final static String CACHE_VALIDATE = "validateCache";\r
- \r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.authz.env.AuthzTrans, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> cacheClear(AuthzTrans trans, String cname) {\r
- TimeTaken tt = trans.start(CACHE_CLEAR + cname, Env.SUB|Env.ALWAYS);\r
- try {\r
- return service.cacheClear(trans,cname);\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,CACHE_CLEAR);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.authz.env.AuthzTrans, java.lang.String, java.lang.Integer)\r
- */\r
- @Override\r
- public Result<Void> cacheClear(AuthzTrans trans, String cname, String segments) {\r
- TimeTaken tt = trans.start(CACHE_CLEAR + cname + ", segments[" + segments + ']', Env.SUB|Env.ALWAYS);\r
- try {\r
- String[] segs = segments.split("\\s*,\\s*");\r
- int isegs[] = new int[segs.length];\r
- for(int i=0;i<segs.length;++i) {\r
- try {\r
- isegs[i] = Integer.parseInt(segs[i]);\r
- } catch(NumberFormatException nfe) {\r
- isegs[i] = -1;\r
- }\r
- }\r
- return service.cacheClear(trans,cname, isegs);\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,CACHE_CLEAR);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#dbReset(org.onap.aaf.authz.env.AuthzTrans)\r
- */\r
- @Override\r
- public void dbReset(AuthzTrans trans) {\r
- service.dbReset(trans);\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getAPI(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse)\r
- */\r
- public final static String API_REPORT = "apiReport";\r
- @Override\r
- public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {\r
- TimeTaken tt = trans.start(API_REPORT, Env.SUB);\r
- try {\r
- Api api = new Api();\r
- Api.Route ar;\r
- Method[] meths = AuthzCassServiceImpl.class.getDeclaredMethods();\r
- for(RouteReport rr : rservlet.routeReport()) {\r
- api.getRoute().add(ar = new Api.Route());\r
- ar.setMeth(rr.meth.name());\r
- ar.setPath(rr.path);\r
- ar.setDesc(rr.desc);\r
- ar.getContentType().addAll(rr.contextTypes);\r
- for(Method m : meths) {\r
- ApiDoc ad;\r
- if((ad = m.getAnnotation(ApiDoc.class))!=null &&\r
- rr.meth.equals(ad.method()) &&\r
- rr.path.equals(ad.path())) {\r
- for(String param : ad.params()) {\r
- ar.getParam().add(param);\r
- }\r
- for(String text : ad.text()) {\r
- ar.getComments().add(text);\r
- }\r
- ar.setExpected(ad.expectedCode());\r
- for(int ec : ad.errorCodes()) {\r
- ar.getExplicitErr().add(ec);\r
- }\r
- }\r
- }\r
- }\r
- RosettaData<Api> data = apiDF.newData(trans).load(api);\r
- if(Question.willSpecialLog(trans, trans.user())) {\r
- Question.logEncryptTrace(trans,data.asString());\r
- }\r
-\r
- data.to(resp.getOutputStream());\r
- setContentType(resp,apiDF.getOutType());\r
- return Result.ok();\r
-\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,API_REPORT);\r
- return Result.err(e);\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
- \r
-\r
- public final static String API_EXAMPLE = "apiExample";\r
-\r
- /* (non-Javadoc)\r
- * @see org.onap.aaf.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)\r
- */\r
- @Override\r
- public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {\r
- TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);\r
- try {\r
- String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional); \r
- resp.getOutputStream().print(content);\r
- setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);\r
- return Result.ok();\r
- } catch (Exception e) {\r
- trans.error().log(e,IN,API_EXAMPLE);\r
- return Result.err(Status.ERR_NotImplemented,e.getMessage());\r
- } finally {\r
- tt.done();\r
- }\r
- }\r
-\r
-}\r